HTTP: Mozilla RDF File Handling Remote Memory Corruption
This signature detects attempts to exploit a known vulnerability in the handling of RDF files in Mozilla Products. A successful attack could allow the attacker to execute arbitrary code on the targeted system. Failed exploit attempts could result in a denial of service condition.
Extended Description
Mozilla Firefox and Thunderbird are prone to a remote memory-corruption vulnerability that attackers can exploit to cause denial-of-service conditions and possibly execute arbitrary code. The vulnerability is fixed in Firefox 3.0.12 and 3.5. Note that Thunderbird is also affected but Mozilla hasn't specified the vulnerable and fixed versions. This vulnerability was previously covered in BID 35758 (Mozilla Firefox MFSA 2009-34, -35, -36, -37, -39, -40 Multiple Vulnerabilities) but has been assigned its own record to better document the issue.
Affected Products
Pardus linux_2009
Short Name
HTTP:STC:MOZILLA:RDF-FILE-MC
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
CVE-2009-2464 Corruption File Handling Memory Mozilla RDF Remote bid:35775
Release Date
12/06/2012
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3336
False Positive
Unknown
Vendors
Red_hat
Suse
Sun
Mozilla
Pardus
Slackware
Ubuntu
Mandriva
Debian
CVSS Score
10.0